22 package org.apache.amber.oauth2.client.demo.controller;
23
24
25 import java.io.IOException;
26 import javax.servlet.http.Cookie;
27 import javax.servlet.http.HttpServletRequest;
28 import javax.servlet.http.HttpServletResponse;
29
30 import org.apache.amber.oauth2.client.demo.exception.ApplicationException;
31 import org.apache.amber.oauth2.client.request.OAuthClientRequest;
32 import org.apache.amber.oauth2.common.exception.OAuthSystemException;
33 import org.apache.amber.oauth2.common.message.types.ResponseType;
34 import org.slf4j.Logger;
35 import org.slf4j.LoggerFactory;
36 import org.apache.amber.oauth2.client.demo.model.OAuthParams;
37 import org.springframework.stereotype.Controller;
38 import org.springframework.web.bind.annotation.ModelAttribute;
39 import org.springframework.web.bind.annotation.RequestMapping;
40 import org.springframework.web.servlet.ModelAndView;
41 import org.springframework.web.servlet.view.RedirectView;
42
43 import org.apache.amber.oauth2.client.demo.Utils;
44
45
46
47
48
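/**
 * Demo controller that starts the OAuth 2.0 authorization-code flow.
 *
 * <p>It stores the submitted client parameters in cookies and then redirects
 * the browser to the authorization endpoint named in those parameters.
 */
@Controller
@RequestMapping("/")
public class AuthzController {

    // A logger is class-level state; static final avoids one lookup per instance.
    private static final Logger logger = LoggerFactory.getLogger(AuthzController.class);

    /**
     * Validates the submitted parameters, stores them in cookies and redirects
     * the user agent to the authorization endpoint with {@code response_type=code}.
     *
     * @param oauthParams form-backed OAuth parameters (client id/secret, endpoints,
     *                    redirect URI, scope, application)
     * @param req         current request; only used to learn whether it arrived
     *                    over a secure channel
     * @param res         response that receives the parameter cookies
     * @return a redirect to the authorization request URI, or the
     *         {@code get_authz} view with an error message set on
     *         {@code oauthParams} when an {@link ApplicationException} is caught
     * @throws OAuthSystemException if the authorization request cannot be built
     * @throws IOException          declared by the original signature
     */
    @RequestMapping("/authorize")
    public ModelAndView authorize(@ModelAttribute("oauthParams") OAuthParams oauthParams,
                                  HttpServletRequest req,
                                  HttpServletResponse res)
        throws OAuthSystemException, IOException {

        try {

            Utils.validateAuthorizationParams(oauthParams);

            // Mark the cookies Secure whenever this request itself came in over
            // TLS, so the values are not replayed over plain HTTP afterwards.
            final boolean secure = req.isSecure();

            addParamCookie(res, secure, "clientId", oauthParams.getClientId());
            // NOTE(review): the client secret is a confidential credential and is
            // handed to the browser here. That is a demo shortcut; a real client
            // should keep it server-side (for example in the HTTP session) and
            // never place it in a cookie.
            addParamCookie(res, secure, "clientSecret", oauthParams.getClientSecret());
            addParamCookie(res, secure, "authzEndpoint", oauthParams.getAuthzEndpoint());
            addParamCookie(res, secure, "tokenEndpoint", oauthParams.getTokenEndpoint());
            addParamCookie(res, secure, "redirectUri", oauthParams.getRedirectUri());
            addParamCookie(res, secure, "scope", oauthParams.getScope());
            addParamCookie(res, secure, "app", oauthParams.getApplication());

            OAuthClientRequest request = OAuthClientRequest
                .authorizationLocation(oauthParams.getAuthzEndpoint())
                .setClientId(oauthParams.getClientId())
                .setRedirectURI(oauthParams.getRedirectUri())
                .setResponseType(ResponseType.CODE.toString())
                .setScope(oauthParams.getScope())
                .buildQueryMessage();

            // NOTE(review): the redirect target comes from the submitted
            // authzEndpoint. Whether validateAuthorizationParams restricts it to
            // expected hosts is not visible here; confirm before reusing this
            // outside the demo.
            return new ModelAndView(new RedirectView(request.getLocationUri()));

        } catch (ApplicationException e) {
            // Show the form again with the error message attached.
            oauthParams.setErrorMessage(e.getMessage());
            return new ModelAndView("get_authz");
        }
    }

    /**
     * Adds one parameter cookie to the response.
     *
     * <p>NOTE(review): on Servlet 3.0+ containers the cookie should also be
     * marked HttpOnly; the servlet API version of this project is not visible
     * here, so that call is left out.
     */
    private static void addParamCookie(HttpServletResponse res, boolean secure,
                                       String name, String value) {
        Cookie cookie = new Cookie(name, value);
        cookie.setSecure(secure);
        res.addCookie(cookie);
    }

}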